Hacking

Pierluigi Paganini June 23, 2021
SonicWall finally fixed a flaw resulting from a partially patched 2020 zero-day

A critical vulnerability, tracked as CVE-2021-20019, in SonicWall VPN appliances was only partially patched last year and could allow a remote attacker to steal sensitive data. In October last year, experts reported a critical stack-based Buffer Overflow vulnerability, tracked as CVE-2020-5135, in SonicWall Network Security Appliance (NSA) appliances. At the time of the discovery, security experts from the Tripwire VERT […]

Pierluigi Paganini June 23, 2021
MITRE adds D3FEND defensive cybersecurity techniques to ATT&CK Framework

D3FEND is a new project promoted by MITRE Corporation to add defensive cybersecurity techniques to the ATT&CK Framework. D3FEND is a new project promoted by MITRE Corporation aimed to add a knowledge graph of cybersecurity countermeasures to the ATT&CK Framework. The project was announced this week by the U.S. National Security Agency (NSA), it proposes […]

Pierluigi Paganini June 22, 2021
Wormable bash DarkRadiation Ransomware targets Linux distros and docker containers

DarkRadiation is a new strain of ransomware implemented in Bash that targets Linux and Docker cloud containers and leverages Telegram for C2. Trend Micro researchers spotted a new strain of ransomware, dubbed DarkRadiation, which is writted in Bash script and target Linux distributions (Red Hat/CentOS and Debian) and Docker cloud containers. The ransomware uses OpenSSL’s […]

Pierluigi Paganini June 22, 2021
ADVERSARIAL OCTOPUS – ATTACK DEMO FOR AI-DRIVEN FACIAL RECOGNITION ENGINE

Researchers from Adversa devised an attack technique, dubbed ADVERSARIAL OCTOPUS, against Facial Recognition systems.  THE INTENTION BEHIND THIS PROJECT Driven by our mission to increase trust in AI, Adversa’s AI Red Team is constantly exploring new methods of assessing and protecting mission-critical AI applications. Recently, we’ve discovered a new way of attacking Facial Recognition systems […]

Pierluigi Paganini June 22, 2021
A ransomware attack disrupted the IT network of the City of Liege

Belgium city of Liege has suffered today a ransomware attack that has disrupted the IT network of the municipality and its online services. Liege, one of the biggest cities in Belgium, was hit by a ransomware attack that has disrupted the IT network of the municipality and its online services. “The City of Liège is […]

Pierluigi Paganini June 22, 2021
DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

DirtyMoe is a Windows botnet that is rapidly growing, it passed from 10,000 infected systems in 2020 to more than 100,000 in the first half of 2021. Researchers from Avast are warning of the rapid growth of the DirtyMoe botnet (PurpleFox, Perkiler, and NuggetPhantom), which passed from 10,000 infected systems in 2020 to more than 100,000 in […]

Pierluigi Paganini June 22, 2021
Tor Browser 10.0.18 fixes a bug that allows to track users by fingerprinting installed apps

The Tor Project released Tor Browser 10.0.18 that addresses a flaw that allows sites to track users by fingerprinting the installed apps. The Tor Project has released Tor Browser 10.0.18, the new version of the popular browser addresses multiple flaws, including a vulnerability that could be exploited to track users by fingerprinting the applications installed […]

Pierluigi Paganini June 22, 2021
DroidMorph tool generates Android Malware Clones that

Boffins developed a tool dubbed DroidMorph that provides morphing of Android applications (APKs) and allows to create Android apps (malware/benign) clones. A group of researchers from Adana Science and Technology University (Turkey) and the National University of Science and Technology (Islamabad, Pakistan) has developed a tool dubbed DroidMorph that provides morphing of Android applications (APKs) […]

Pierluigi Paganini June 21, 2021
Ragnar Locker ransomware leaked data stolen from ADATA chipmaker

The Taiwanese memory and storage chip maker ADATA was hit by the Ragnar Locker ransomware gang that also published more than 700GB of stolen data. The Ragnar Locker ransomware gang has published on its leak sites more than 700GB of data stolen from Taiwanese memory and storage chip maker ADATA. The group published the link […]

Pierluigi Paganini June 21, 2021
NSA releases guidance for securing Unified Communications and VVoIP

The US National Security Agency (NSA) released guidance for securing Unified Communications/Voice and Video over IP Systems (VVoIP). NSA last week released guidance for securing their communication systems, specifically Unified Communications (UC) and Voice and Video over IP (VVoIP). Unified Communications (UC) and Voice and Video over IP (VVoIP) call-processing systems provide enterprises communications and […]